Conventional e-mail systems may be used to send messages. One problem with e-mail messages is that the source of the e-mail can be falsified to make it appear as though an entity other than the actual sender sent the message. For example, a malicious sender of an e-mail message could make the message appear as though it was sent from a financial institution.
When a sender falsifies the sender information in an e-mail message, the recipient of that message may take action or accept information contained in the message as true. For example, the e-mail message may indicate that the recipient's account at a financial institution requires updating, and the message may request the recipient to click on a link. When the recipient believes the message and clicks on the link, the recipient can be brought to a web site that looks like the web site of the financial institution, but is actually operated by the malicious party. When the recipient attempts to log into the web site, the user identifier and password are captured by the web site operated by the malicious party, and used by the malicious party to log into the real web site of the financial institution. The malicious part then takes the funds in the account of the recipient of the e-mail message.
A malicious party need not originate the message. The malicious party may simply intercept a legitimate message and change it. For example, the links in an e-mail message may be altered to correspond to a malicious party's server instead of the intended server. If the recipient clicks a link in the message, the recipient then communicates with the malicious party's server instead of the one intended by the sender of the message. The malicious party can then accomplish a malicious result, such as the one described above. However, if the recipient checks with the source of the message, for example, by phoning the financial institution that sent the original, unaltered message, the sender of the message may verify that in fact, they sent the message, authenticating the altered message.
If the recipient of such messages is aware of the potential problem with e-mail messages, the recipient may refuse to believe that any message from a financial institution is authentic. As a result, authentic messages from financial institutions are disbelieved or disregarded. Because e-mail is a relatively inexpensive advertising medium, financial institutions and others whose identity is frequently falsified in malicious e-mail messages are either forced to stop communicating with actual or potential customers via e-mail, continue to send e-mails that have a much lower rate of being read by the recipient than could otherwise be achieved, or must use a different communication medium that is more expensive than e-mail.
If the recipient could easily distinguish between a legitimate e-mail message and one from a malicious party, the above problems would not be prevalent. One potential way to allow a recipient to authenticate the message might be to store every e-mail message on the server of authentic senders of such messages. The recipient could then compare the message received with the messages stored for that recipient on the server, or automated tools could perform such comparison. However, such storage could involve millions of messages, and thus be prohibitively expensive.
Other ways of authenticating the message could be used, such as by encrypting the message with a private key and having the recipient decrypt the message with the purported sender's private key. However, such arrangements have proven to be too complex for many recipients to perform accurately.
What is needed is a system and method that can allow a recipient to authenticate an e-mail message without storing every e-mail message at the time the e-mail is sent and without requiring the recipient to employ a public key.